CVE-2025-49752
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-11-20
Last updated on: 2025-11-21
Assigner: Microsoft Corporation
Description
Description
Azure Bastion Elevation of Privilege Vulnerability
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| microsoft | azure_bastion_developer | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-294 | A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an Elevation of Privilege issue in Azure Bastion, which means an attacker could gain higher privileges than intended within the Azure Bastion service.
How can this vulnerability impact me? :
An attacker exploiting this vulnerability could gain full control over affected systems or data, leading to severe confidentiality, integrity, and availability impacts.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70